Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a3e9b8ae by Salvatore Bonaccorso at 2020-12-15T09:19:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2020-35472
RESERVED
CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated
datagrams, as dem ...)
- TODO: check
+ NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2020-35470 (Envoy before 1.16.1 logs an incorrect downstream address
because it co ...)
- TODO: check
+ NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2020-35469
RESERVED
CVE-2020-35468
@@ -3330,9 +3330,9 @@ CVE-2020-29306
CVE-2020-29305
RESERVED
CVE-2020-29304 (A cross-site scripting (XSS) vulnerability exists in the
SabaiApps Wor ...)
- TODO: check
+ NOT-FOR-US: SabaiApps WordPress Directories Pro plugin
CVE-2020-29303 (A cross-site scripting (XSS) vulnerability in the SabaiApp
Directories ...)
- TODO: check
+ NOT-FOR-US: SabaiApp Directories Pro plugin for WordPress
CVE-2020-29302
RESERVED
CVE-2020-29301
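Review bot: the two added lines for CVE-2020-29304 and CVE-2020-29303 name what appears to be the same plugin with different strings ("SabaiApps WordPress Directories Pro plugin" and "SabaiApp Directories Pro plugin for WordPress"). Each spelling follows its own truncated CVE description, but using one string for both entries would keep a text search for the product from missing one of them.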
@@ -4306,9 +4306,9 @@ CVE-2020-28863
CVE-2020-28862
RESERVED
CVE-2020-28861 (OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier
failed to ...)
- TODO: check
+ NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28860 (OpenAssetDigital Asset Management (DAM) through 12.0.19 does
not corre ...)
- TODO: check
+ NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28859 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does
not corr ...)
NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28858 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does
not corr ...)
@@ -11207,7 +11207,7 @@ CVE-2020-27254
CVE-2020-27253 (A flaw exists in the Ingress/Egress checks routine of
FactoryTalk Linx ...)
NOT-FOR-US: FactoryTalk
CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all versions are vulnerable
to a race ...)
- TODO: check
+ NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx
Version 6 ...)
NOT-FOR-US: FactoryTalk
CVE-2020-27250
@@ -16057,7 +16057,7 @@ CVE-2020-25189 (The affected product is vulnerable to
three stack-based buffer o
CVE-2020-25188 (An attacker who convinces a valid user to open a specially
crafted pro ...)
NOT-FOR-US: LAquis SCADA
CVE-2020-25187 (Medtronic MyCareLink Smart 25000 all versions are vulnerable
when an a ...)
- TODO: check
+ NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-25186 (An XXE vulnerability exists within LeviStudioU Release Build
2019-09-2 ...)
NOT-FOR-US: LeviStudioU Release
CVE-2020-25185 (The affected product is vulnerable to five post-authentication
buffer ...)
@@ -16065,7 +16065,7 @@ CVE-2020-25185 (The affected product is vulnerable to
five post-authentication b
CVE-2020-25184
RESERVED
CVE-2020-25183 (Medtronic MyCareLink Smart 25000 all versions contain an
authenticatio ...)
- TODO: check
+ NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-25182
RESERVED
CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based
buffer over ...)
@@ -26272,7 +26272,7 @@ CVE-2020-20185
CVE-2020-20184 (GateOne allows remote attackers to execute arbitrary commands
via shel ...)
TODO: check
CVE-2020-20183 (Insecure direct object reference vulnerability in
Zyxel’s P1302- ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2020-20182
RESERVED
CVE-2020-20181
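Review bot: the added line for CVE-2020-20183 reads "NOT-FOR-US: Zyxel", which names only the vendor, while the other NOT-FOR-US lines in this commit name the product (for example "Medtronic MyCareLink Smart 25000"). Consider adding the product model from the CVE description so the entry can be told apart from other Zyxel CVEs in the list.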
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3e9b8aefb715a9ccc40cbfd3d20b635dd246bf7
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits